<?php
/*
 * Created on Apr 3, 2006
 *
 */
 
require_once('sql_connection.php');
require_once('functions/sql.php');


class Sql_offender extends Sql_connection {

    function __construct() {
        parent :: __construct();
    }

    function get_offenders() {
        $query = "SELECT plate FROM Offender";
        return column_as_array(mysql_query($query));	

    }

    function insert_offender($offender) {
        if ($this->exists($offender)) {
            return $this->offender_id($offender);
        }
        else {
            $offender = mysql_input($offender);

            $query = "INSERT INTO Offender(plate) VALUES('$offender')";
            if (!mysql_query($query))
                die ("insert_offender() - DB error: " . mysql_error());	

            return mysql_insert_id();

        }
    }

    function offender_exists($offender) {
        print "Method deprecated. Use method exists instead.";
        assert(false);
    }

    function exists($offender, $using_id = null) {
        $offender = mysql_input($offender);
        $query = "SELECT plate FROM Offender ";
        $query .= $using_id ? "WHERE id = $offender"
                            : "WHERE plate = '$offender'";


        $result = mysql_query($query);
        if (!$result)
            die ("exists() - DB error: " . mysql_error());

        return (mysql_num_rows($result) > 0);

    }

    /**
     * Finds offender ID for given plate.
     */
    public function offender_id($offender) {
        $offender = mysql_input($offender);
        $query = "SELECT id FROM Offender WHERE plate = '$offender'";
        $result = get_single_result($query);
        return $result[0];
    }

    /**
     * Returns a description. 
     * Set second parameter to true, if first param is ID, rather than plate.
     */
    function get_description($offender_id) {
        assert(is_numeric($offender_id));

        $query = "SELECT description, user, time, date
                FROM Offender_description
                WHERE offender = '$offender_id'";

        return get_single_result($query);
    }

   # function get_description_history($offender) {
   #     $offender = mysql_input($offender);

   #     $query = "SELECT id, date, time, user
   #         FROM Offender_description
   #         WHERE offender = '$offender'
   #         ORDER BY date DESC, time DESC";


   #     return get_results($query);
   # }

    #function insert_description($offender, $description) {
    #    $user = get_user();
    #    if (!$this->exists($offender))
    #        die ("insert_description() - Unknown offender.");

    #    $query = sprintf("INSERT INTO Offender_description(offender, date, time, description, user)
    #            VALUES('%s', now() , now(), '%s', '%s')",
    #            mysql_input($offender),
    #            htmlspecialchars(mysql_input($description)),
    #            $user);

    #    if (!mysql_query($query))
    #        die ("insert description() - DB error: " . mysql_error());
    #}

    function get_actions($offender_id) {
        assert(is_numeric($offender_id));

        $query = "SELECT id, date, time, user, action
            FROM Offender_action
            WHERE offender = '$offender_id'";


        return get_results($query);
    }

    #function get_offender_from_description($id) {
    #    if (!is_numeric($id))
    #        die ("get_offender_from_description() - invalid id");

    #    $query = "SELECT offender FROM Offender_description WHERE id = '$id'";
    #    $result = mysql_query($query);
    #    $row = mysql_fetch_assoc($result);
    #    return $row[offender];	

    #}

    #function insert_action($offender, $action) {
    #    $user = get_user();
    #    if (!$this->exists($offender))
    #        die ("insert_action() - Unknown offender.");

    #    $query = sprintf("INSERT INTO Offender_action(offender, date, time, user, action)
    #            VALUES('%s', now(), now(), '%s', '%s')",
    #            mysql_input($offender),
    #            $user,
    #            htmlspecialchars(mysql_input($action)));
    #    if (!mysql_query($query))
    #        die ("insert_action() - DB error: " . mysql_error());	
    #}

}

?>
